Details
-
Improvement
-
Resolution: Obsolete
-
Neutral
-
None
-
None
-
None
-
None
Description
It's not clear how to configure OAuth 2.0. We really need an example of how this is done. Gmail would be a good example.
Here is the flow:
The steps:
The flow illustrated in Figure 2 includes the following steps:
(A) The client requests an access token by authenticating with the
authorization server and presenting an authorization grant.
(B) The authorization server authenticates the client and validates
the authorization grant, and if valid, issues an access token
and a refresh token.
(C) The client makes a protected resource request to the resource
server by presenting the access token.
(D) The resource server validates the access token, and if valid,
serves the request.
(E) Steps (C) and (D) repeat until the access token expires. If the
client knows the access token expired, it skips to step (G);
otherwise, it makes another protected resource request.
(F) Since the access token is invalid, the resource server returns
an invalid token error.
If the refresh token is issued after authentication then what should be provided in the field?
Checklists
Acceptance criteria
Attachments
Issue Links
- is related to
-
MGNLMAIL-66 Implement OAuth 2.0 authentication
-
- Closed
-
-
MGNLMAIL-136 CLONE - Implement OAuth 2.0 authentication
-
- Closed
-
- relates to
-
MGNLMAIL-104 Unable to send email through Gmail
-
- Closed
-